论文信息 - Detecting authentication misuse attacks against SIP entities

Detecting authentication misuse attacks against SIP entities

Nowadays mainstream of evolution towards next generation networks extends SIP application as a simple and efficient protocol for management of multimedia communications. Simplicity of SIP increases security concerns for service providers about various kinds of misuse including Denial of Service (DoS) attacks. The target of DoS attacks in SIP can be bandwidth, memory or CPU. In this paper we proposed a user profile based anomaly detection method to identify CPU-based DOS attacks that misuse authentication mechanism of SIP. We validated and evaluated our proposed solution in real test-bed based on the well-known open-source tools. The simulation results report the effectiveness of our approach in detection of this specific type of attacks.

Sajad Pourmohseni | Hassan Asgharian | Ahmad Akbari

[1] Dorgham Sisalem,et al. Denial of service attacks targeting a SIP VoIP infrastructure: attack scenarios and prevention mechanisms , 2006, IEEE Network.

[2] Kotagiri Ramamohanarao,et al. Protecting SIP server from CPU-based DoS attacks using history-based IP filtering , 2009, IEEE Communications Letters.

[3] Abhishek Kumar,et al. A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack , 2011 .

[4] Christopher Leckie,et al. CPU-based DoS attacks against SIP servers , 2008, NOMS 2008 - 2008 IEEE Network Operations and Management Symposium.

[5] Hassan Asgharian,et al. Detecting Denial of Service Attacks on SIP Based Services and Proposing Solutions , 2012 .

[6] Hassan Asgharian,et al. A framework for SIP intrusion detection and response systems , 2011, 2011 International Symposium on Computer Networks and Distributed Systems (CNDS).

[7] Yu Bai. Analysis of EnterpriseVoIP Traffic from aWire line IMS System , 2009 .

[8] Sven Ehlert,et al. Denial-of-service detection and mitigation for SIP communication networks , 2009 .